author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-01-21T14·30+0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-01-21T14·30+0100 |
commit | 81628a6ccc6ce496735b22492bee15c9ad46f072 (patch) | |
tree | d1ec18b84514d2f44700082f8d800efb929a7678 /perl/lib/Nix/Crypto.pm | |
parent | b1db599dd05e86f65e73dc40584913e6e78c2bac (diff) | |
parent | 5ef8508a92997dbd7f8aa501b64fd283fb1c7bb8 (diff) |
Merge branch 'master' into make
Conflicts: src/libexpr/eval.cc
Diffstat (limited to 'perl/lib/Nix/Crypto.pm')
-rw-r--r-- | perl/lib/Nix/Crypto.pm | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/perl/lib/Nix/Crypto.pm b/perl/lib/Nix/Crypto.pm
new file mode 100644
index 000000000000..0286e88d3d28
--- /dev/null
+++ b/perl/lib/Nix/Crypto.pm
@@ -0,0 +1,42 @@
+package Nix::Crypto;
+
+use strict;
+use MIME::Base64;
+use Nix::Store;
+use Nix::Config;
+use IPC::Open2;
+
+our @ISA = qw(Exporter);
+our @EXPORT = qw(signString isValidSignature);
+
+sub signString {
+ my ($privateKeyFile, $s) = @_;
+ my $hash = hashString("sha256", 0, $s);
+ my ($from, $to);
+ my $pid = open2($from, $to, $Nix::Config::openssl, "rsautl", "-sign", "-inkey", $privateKeyFile);
+ print $to $hash;
+ close $to;
+ local $/ = undef;
+ my $sig = <$from>;
+ close $from;
+ waitpid($pid, 0);
+ die "$0: OpenSSL returned exit code $? while signing hash\n" if $? != 0;
+ my $sig64 = encode_base64($sig, "");
+ return $sig64;
+}
+
+sub isValidSignature {
+ my ($publicKeyFile, $sig64, $s) = @_;
+ my ($from, $to);
+ my $pid = open2($from, $to, $Nix::Config::openssl, "rsautl", "-verify", "-inkey", $publicKeyFile, "-pubin");
+ print $to decode_base64($sig64);
+ close $to;
+ my $decoded = <$from>;
+ close $from;
+ waitpid($pid, 0);
+ return 0 if $? != 0;
+ my $hash = hashString("sha256", 0, $s);
+ return $decoded eq $hash;
+}
+
+1; |
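Review bot: `isValidSignature` reads the recovered payload with `my $decoded = <$from>;` in line mode, whereas `signString` sets `local $/ = undef` before reading, so verification compares only the first line of what `openssl rsautl -verify` prints and leaves any remaining output unread. Reading the whole stream keeps the two subs consistent and makes the comparison cover everything that was recovered: `my $decoded = do { local $/; <$from> };`. Both subs also ignore the results of `print $to ...` and `close $to`; if openssl exits before consuming its input (an unreadable key file, say) the write can presumably raise SIGPIPE in the caller instead of producing a clean failure, so checking those calls or localising `$SIG{PIPE}` is worth considering. A short comment above `signString` stating that the signature is an `rsautl` signature (PKCS#1 v1.5 padding, no DigestInfo) over what appears to be the hex SHA-256 string from `hashString("sha256", 0, $s)` would help anyone who later has to verify it with a different tool.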